Serial No. 09/107,618 
Conf.No. 8313 



-2- 



ArtUnit: 2152 



In the Claims 

Applicant has submitted a new complete claim set showing the claims as currently 
presented. 

1 . (Previously presented) A data management method for managing access to a 
plurality of volumes of a storage system by at least two devices coupled to the storage system 
through a network, the method comprising steps of: 

receiving over the network at the storage system a request from one of the at least two 
devices for access to at least one of the plurality of volumes of the storage system, the request 
identifying the at least one of the plurality of volumes in the storage system and a represented 
source of the request; and 

selectively servicing the request, at the storage system, based at least in part on steps of: 

determining, from configuration data, whether the represented source is 
authorized to access the at least one of the plurality of volumes; and 

verifying that the represented source of the request is the one of the at least two 
devices that issued the request. 

2. (Previously presented) The data management method according to claim 1, 
wherein the configuration data is stored in the storage system in a configuration table comprising 
a plurality of records, each of the records including an identifier and information indicating 
which of the volumes of data are available to a device associated with the corresponding 
identifier, and wherein the step of selectively servicing further includes steps of: 

receiving the request at the storage system issued by the one of the at least two devices, 
the request including a source identifier identifying the one of at the at least two devices that 
initiated the request and an address to one of the volumes of the plurality of volumes in the 
storage system; and 

determining whether to service the request responsive at least to a portion of the 
configuration data associated with the source identifier and the address of the one of the 
volumes. 



1045630.1 



Serial No. 09/107,618 
Conf.No. 8313 



-3- 



ArtUnit: 2152 



3. (Previously presented) The data management method according to claim 1 , the 
method including a step of: 

forwarding the request from the one of the at least two devices to the storage system over 
the network. 

4. (Original) The data management method according to claim 3, wherein the step 
of forwarding includes forwarding the request using a Fibre Channel protocol. 

5. (Canceled) 

6. (Previously presented) The data management method according to claim 33, 
wherein the act of verifying includes an act of verifying that the represented source of the request 
is the one of the at least two devices that issued the request based, at least in part, on a 
comparison between the request access key and the expected access key. 

7. (Previously presented) The data management method according to claim 6, 
wherein the request access key is encrypted using a key associated with the one of the at least 
two devices that issued the request. 

8. (Previously presented) The data management method according to claim 7, 
wherein the step of verifying further comprises a step of: 

decrypting the request access key at the storage system using a decryption key associated 
with and initially provided by the one of the at least two devices identified in the request. 

9. (Original) The data management method according to claim 1, wherein the one of 
the at least two devices is a host processor, and wherein the step of forwarding includes the step 
of forwarding the request from the host processor to the storage system. 
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10. (Original) The data management method according to claim 1 , wherein at least 
one of the at least two devices is a file server and wherein the step of forwarding includes the 
step of forwarding the request from the file server to the storage system. 

1 1 . (Original) The data management method according to claim 1 , wherein the 
storage system includes a plurality of disk drives, and wherein the step of selectively servicing 
includes the step of forwarding the request to one of the plurality of disk drives. 

12. (Original) The data management method according to claim 1 , further comprising 
a step of: 

validating the request from the one of the at least two devices at the storage system to 
verify that the request was not altered during transit. 

13. (Original) The data management method according to claim 2, wherein the 
configuration table comprises a plurality of records arranged in an array including a plurality of 
rows corresponding to a number of volumes of data available at the storage system and a 
plurality of columns corresponding to a number of ports available at the storage system, and 
wherein each of the records includes a bitmap having a bit corresponding to each device 
authorized to access each of the corresponding ports, and wherein the step of determining 
whether to service the request comprises steps of: 

indexing the configuration database using the address provided in the request to identify 
an indexed record; and 

comparing the bitmap of the indexed record with the source identifier to determine 
whether a bit of the bitmap associated with the source identifier indicates that the one of the at 
least two devices associated with the source identifier has access to the volume of the storage 
system associated with the indexed record. 

14. (Original) The data management method according to claim 1, wherein the step 
of selectively servicing further comprises steps of: 
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servicing a first request issued by a first one of the at least two devices for access to a 
first portion of data in the storage system responsive to configuration data associated with the 
first one of the at least two devices and an address of the first portion of data specified the first 
request; and 

precluding a second request issued by a second one of the at least two devices for access 
to the first portion of data in the storage system from being serviced responsive to configuration 
data associated with the second one of the at least two devices and the address of the first portion 
of data specified in the second request. 

15. (Previously presented) A computer readable medium comprising: 

a first data structure to manage accesses by a plurality of devices to volumes of data at a 
storage system over a communication network, the storage system managing access responsive 
to requests that each identifies one of the plurality of volumes of the storage system to be 
accessed and one of the plurality of devices that is represented as having issued the request, the 
first data structure comprising a plurality of records corresponding to the plurality of devices, the 
plurality of records comprising at least one record corresponding to one of the plurality of 
devices and including configuration information having at least one identifier that identifies 
which of the volumes of the storage system the one of the plurality of devices is authorized to 
access, and authentication information that can be used by the storage system to determine 
whether the one of the plurality of devices that issued the request is the corresponding one of the 
plurality of devices. 

16. (Original) The computer readable medium according to claim 15, in combination 
with the storage system, wherein the computer readable medium is a memory of the storage 
system. 

17. (Previously presented) The combination according to claim 16, in further 
combination with the plurality of devices and the communication network, wherein the storage 
system and the plurality of devices are coupled to communicate over the communication 
network. 
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18. (Original) The combination of claim 17, wherein the storage system and the 
plurality of devices communicate according to a Fibre Channel network protocol. 

19. (Original) The combination according to claim 16, wherein the storage system 
further comprises: 

a second data structure comprising a plurality of records that form a copy of a subset of 
the plurality of records in the first data structure, wherein the subset of the plurality of records in 
the second data structure is associated with a subset of the plurality of devices that are logged 
into the storage system. 

20. (Original) The combination according to claim 19, wherein the second data 
structure further comprises: 

an array of records having a plurality of columns corresponding to the volumes of data at 
the storage system and a plurality of rows corresponding to a plurality of ports of the storage 
system, each record in the array including at least one bit corresponding to each of the plurality 
of devices. 

2 1 . (Previously presented) A storage system comprising: 

at least one storage device apportioned into a plurality of volumes; 

a configuration table to store configuration data identifying which of a plurality of 
devices coupled to the storage system via a network are authorized to access which of the 
plurality of volumes; and 

a filter, responsive to the configuration data, to selectively forward to the at least one 
storage device requests for access to the plurality of volumes received from the plurality of 
devices over the network, wherein each request identifies at least one of the plurality of devices 
that is represented to the storage system as having issued the request, and wherein the filter is 
adapted to verify that the at least one of the plurality of devices identified in the request is the 
device that issued the request. 
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22. (Original) The storage system according to claim 21, wherein the filter forwards 
a request to a volume for servicing by the storage system responsive to the configuration data 
indicating that the one of the plurality of devices that issued the request is authorized to access 
the volume. 

23. (Original) The storage system according to claim 21, wherein the filter precludes 
a request to a volume from being serviced by the storage system responsive to the configuration 
data indicating that the one of the plurality of devices that issued the request is not authorized to 
access the volume. 

24. (Previously presented) The storage system according to claim 21, wherein the 
configuration table comprises a number of records, each record including an identifier and a 
map, the map indicating which volumes of the storage system are capable of being accessed by a 
device associated with the identifier, wherein each request received at the filter includes a source 
identifier identifying the one of the plurality of devices that issued the request and an address to 
one of the plurality of volumes, and wherein the filter further comprises: 

a comparator to compare each request against the information in a selected record in the 
configuration table associated with the request to determine whether the one of the plurality of 
devices that issued the request is authorized to access the volume. 

25. (Original) The storage system according to claim 24, wherein an identifier in the 
selected record corresponds to the source identifier of the request. 

26. (Previously presented) The storage system according to claim 21, in combination 
with the plurality of devices and wherein the network couples the storage system to the plurality 
of devices. 

27. (Original) The combination of claim 26, wherein the storage system and the 
plurality of devices communicate over the network using a Fibre Channel network protocol. 
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28. (Canceled) 

29. (Original) The storage system according to claim 21, further comprising: 
means for validating a request received at the storage system to verify that the request 

was not altered in transit. 

30. (Original) The storage system according to claim 21 , wherein the at least one 
storage device includes a plurality of disk drives. 

3 1 . (Original) The combination according to claim 26, wherein at least one of the 
plurality of devices is a host processor. 

32. (Original) The combination according to claim 26, wherein one of the plurality of 
devices is a file server. 

33. (Previously presented) The data management method of claim 1, further 
comprising an act of transferring an expected access key between the storage system and the at 
least one of the at least two devices, and wherein the act receiving the request includes an act of 
receiving a request from one of the at least two devices for access to at least one of the plurality 
of volumes, the request including a request access key, and wherein the act of verifying includes 
an act of comparing the request access key and the expected access key. 

34. (Previously presented) The data management method of claim 6, further 
comprising an act of transferring encryption information between the storage system and the at 
least one of the at least two devices, and wherein the expected access key and/or the request 
access key are encrypted using the encryption information. 
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